SY0-301 · Question #884
An administrator discovers that many users have used their same passwords for years even though the network requires that the passwords be changed every six weeks. Which of the following, when used to
The correct answer is B. Password history C. Minimum password age. Users circumvent password expiration by changing their password when required, then immediately changing it back to the original. Two controls close this loophole together: Password history (B) stores a record of previous passwords and prevents the user from reusing any of them (
Question
An administrator discovers that many users have used their same passwords for years even though the network requires that the passwords be changed every six weeks. Which of the following, when used together, C their existing password? (Select TWO).
Options
- ALength of password
- BPassword history
- CMinimum password age
- DPassword expiration
- EPassword complexity
- FNon-dictionary words
How the community answered
(26 responses)- A4% (1)
- B77% (20)
- D4% (1)
- E4% (1)
- F12% (3)
Explanation
Users circumvent password expiration by changing their password when required, then immediately changing it back to the original. Two controls close this loophole together: Password history (B) stores a record of previous passwords and prevents the user from reusing any of them (e.g., last 10 passwords), blocking the direct re-use. Minimum password age (C) enforces a waiting period (e.g., 1 day) before a user can change their password again, preventing users from rapidly cycling through enough new passwords to exhaust the history and return to their original. Neither control alone is sufficient - both must be combined to effectively prevent password recycling.
Topics
Community Discussion
No community discussion yet for this question.